Nokia IPSO 4.0 Cell Phone User Manual


 
8
304 Nokia Network Voyager for IPSO 4.0 Reference Guide
5. If you entered a passphrase when you generated the certificate and private key, you must
enter the passphrase in the Passphrase field.
6. Click Submit.
Troubleshooting SSL/TLS Configuration
You might have trouble accessing Nokia Network Voyager if SSL/TLS is not configured
correctly. If you have trouble accessing Network Voyager, try the following remedies.
Check that you are using the correct URL. When you enable SSL/TLS, you must use https
rather than http when you connect through your Web browser, unless the Redirect HTTP
Requests to HTTPS option is enabled.
Check that you are using the correct PEM-encoded certificate and private key, and that they
are installed properly with the dashed begin and end lines. You can view the certificate and
private key in the /var/etc/voyager_ssl_server.crt and /var/etc/voyager_ssl_server.key files
respectively.
Check the HTTP daemon error message log. You can find the messages in the following
logs: /var/log/httpd_error_log and /var/log/ssl_engine_log. The messages can help you
troubleshoot further and might contain important information for Customer Support should
you contact them.
Secure Shell (SSH)
IPSO uses the Secure Shell (SSH) program to provide secure connections for the CLI. SSH
allows you to securely log in to another computer over a network, execute commands on a
remote platform, and move files from one platform to another platform. SSH provides a
connection similar to Telnet or rlogin, except that the traffic is encrypted and both ends are
authenticated.
The Nokia SSH implementation supports both SSHv1and SSHv2. Some of the differences
between SSHv1 and SSHv2 include what part of the packet the protocol encrypts and how each
protocol authenticates: SSHv1 authenticates with server and host keys, while SSHv2
authenticates by using only host keys. Even though SSHv1 uses server and host-key
authentication, SSHv2 is a more secure, faster, and more portable protocol. In some cases,
SSHv1 might be more suitable because of your client software or your need to use the
authentication modes of the protocol.
Properly used, SSH provides you with session protection from the following security threats:
DNS spoofing
Interception of passwords
IP spoofing
IP source routing
Person-in-the-middle attacks (SSHv2 only)